Deploying OpenVidu on AWS



Deployment instructions 🔗

The deployment of OpenVidu can be a piece of cake if you have an AWS account. Just follow these steps:

1. Access to the console of AWS Cloud Formation 🔗

Go to CloudFormation



2. Select Create Stack 🠚 With new resources 🔗



3. Option Specify template 🠚 Amazon S3 URL with the following URL 🔗

https://s3-eu-west-1.amazonaws.com/aws.openvidu.io/CF-OpenVidu-latest.yaml

To deploy a fixed version, including previous ones, replace latest with the desired version number.
For example: https://s3-eu-west-1.amazonaws.com/aws.openvidu.io/CF-OpenVidu-2.14.0.yaml



4. Specify stack details 🔗

First of all, indicate a name for your deployment. Next fill each section of the Parameters formulary:

Domain and SSL certificate configuration 🔗

Configuration for your CloudFormation stack certificate. We provide 3 different scenarios: you can use the default SELF-SIGNED CERTIFICATE stored in the application (users will need to accept the browser security alert) or if you have a custom domain, either allow LET'S ENCRYPT to automatically generate a valid and free certificate for your domain or use your own CUSTOM CERTIFICATE if you already have one (and for some unknown reason you still want to use that).

Self-Signed certificate Let's Encrypt certificate Custom certificate
Certificate Type selfsigned letsencrypt owncert
AWS Elastic IP (EIP) One AWS Elastic IP you generated
(check AWS Docs to generate a new one)
One AWS Elastic IP you generated
(check AWS Docs to generate a new one)
Domain Name pointing to Elastic IP Your fully qualified domain
For example: openvidu.company.com
Your fully qualified domain
For example: openvidu.company.com
URL to the CRT file URL to your public key file
The CloudFormation stack must have access to this URL, at least temporarily
URL to the key file URL to your private key file
The CloudFormation stack must have access to this URL, at least temporarily
Email for Let's Encrypt Your choice

If you are using LET'S ENCRYPT CERTIFICATE, of course you will need to register your ElasticIP in your DNS hosting service and associate it with the fully qualified domain name. Until your domain name is not accessible through the public IP you chose, this deployment won't work

OpenVidu configuration 🔗

Here you will only be able to configure OpenVidu secret, but there are many other configuration values that can be set once the deployment has completed. Visit Administration section after your deployment is successful to update OpenVidu configuration.

Openvidu Secret
Secret to connect to this OpenVidu deployment. No whitespaces or quotations allowed
Your choice

EC2 Instance configuration 🔗

These properties configure specific details of the EC2 machine that will be launched by CloudFormation.

Instance type
Type of EC2 Instance where to deploy OpenVidu
Choose from the drop-down button
SSH Key
SSH key for your EC2 Instance
Choose from the drop-down button
(check AWS Docs to create a new one)

Other configuration 🔗

These properties configure some other options of your stack.

Deploy OpenVidu Call application
Choose if you want to deploy OpenVidu Call application alongside OpenVidu platform
Choose from the drop-down button
Send deployment info to OpenVidu team
Choose if you don't mind sending to OpenVidu team the version deployed and AWS region
Choose from the drop-down button



5. Create your stack 🔗

No extra options are necessary. Click on NextNextCreate stack

CREATE_IN_PROGRESS status will show up. You will now have to wait about 2 minutes until it shows CREATE_COMPLETE. If status reaches CREATE_FAILED, check out this FAQ.

After status changes to CREATE_COMPLETE, go to Outputs tab to get your brand new IP and click on it (or if you have deployed under your own custom domain, then you should access through it instead).


That URL is the one to be used to consume OpenVidu REST API. Besides:

  • If you have deployed OpenVidu Call (see Other configuration) you can also access to it through that same URL.
  • You can access OpenVidu Server dashboard to make a quick test of your deployment through /dashboard. Credentials to access to it are OPENVIDUAPP as username and your OpenVidu secret as password.

You can now add your own application to your instance. To learn how check out section Deploy OpenVidu based applications.



6. Administration 🔗

AWS deployments of OpenVidu CE are internally identical to on premises deployments. This means that you can manage OpenVidu platform very easily by connecting to your instances through SSH. Located at the default installation path /opt/openvidu as root user ($ sudo su) you will be able to:



Troubleshooting 🔗

CREATE_FAILED CloudFormation stack 🔗

First of all, an AWS CloudFormation stack may reach CREATE_FAILED status for missing a default VPC. Check out this FAQ on how to fix it.

If that is not the problem, then follow these steps:

  • 1) Try to deploy again, but this time disabling option Rollback on failure (Configure stack options 🡆 Advanced Options 🡆 Stack creation options). This will prevent the instance to be terminated in case of failure so logs can be gathered. Once you re-deploy with this option, the stack will still fail but you’ll be able to access instances through SSH and retrieve some files to debug the problem.
  • 2) We will also need the parameters you've used to deploy, to check possible problems in their values
  • 3) Once you have performed step 1) and the stack creation has failed, please SSH into the created EC2 instance and share with us CloudFormation logs

    • /var/log/cloud-init.log
    • /var/log/cloud-init-output.log

  • 4) Get also the log output of all the services with this command and share with us the output file:

    • docker-compose logs -f

AWS deployments of OpenVidu CE work under the hood in the exact same manner as on premises deployments. So everything explained in Troubleshooting section of on premises deployments also applies to AWS deployments. There you have detailed instructions on how to debug all of OpenVidu services in case some unexpected problem appears.


Kurento Media Server crash 🔗

Sometimes Kurento Media Server (the service in charge of streaming media inside of Media Nodes) may crash. If this happens on a regular basis, or better, you have isolated a specific use case where KMS always crashes, then perform the following steps to collect a crash report that will help us fix the issue.

In AWS deployments of OpenVidu CE, KMS crash reports are enabled by default. You can directly get them with the following steps:

1) Download the KMS crash report 🔗

ssh -i AWS_SSH_KEY [email protected]_IP "sudo tar zcvfP ~/core_dumps.tar.gz /opt/openvidu/kms-crashes/*"
scp -i AWS_SSH_KEY [email protected]_IP:~/core_dumps.tar.gz .

Replace AWS_SSH_KEY with the path to the SSH key of the EC2 instance and OPENVIDU_IP with its IP address.

2) Clean the KMS crash report 🔗

So as not to consume too much hard drive, delete the crash report once you have downloaded it. IMPORTANT: obviously, do NOT do this before downloading the report.

ssh -i AWS_SSH_KEY [email protected]_IP "sudo rm /opt/openvidu/kms-crashes/* && sudo rm ~/core_dumps.tar.gz"

Replace AWS_SSH_KEY with the path to the SSH key of the EC2 instance and OPENVIDU_IP with its IP address.